iTeachWise
For District IT, Procurement & Compliance Teams

iTeachWise AI Transparency & Data Privacy

Everything your district IT team, administrators, and parents need to know about how iTeachWise uses AI and protects student data. No hidden practices. Full disclosure.

Request district compliance docs Read the PIA Q&A
At a glance: iTeachWise is FERPA-aligned, COPPA-compliant, US-hosted, encrypted in transit and at rest, and never uses student data to train AI models. We sign district DPAs and respond to compliance questions within one US business day.

1. What data iTeachWise collects

iTeachWise is a teacher-facing platform. The default data surface is intentionally minimal — most schools can adopt iTeachWise without a single byte of student PII ever entering the system.

What we collect (and why)

  • Teacher account data — Name, work email, school or district affiliation, role (teacher / coach / administrator), and the password hash used to sign in.
  • Usage data — Which features a teacher uses, how many lessons / assessments / rubrics they generate, and basic timing data so we can keep the service fast.
  • Content the teacher chooses to save — Lesson plans, assessments, rubrics, and notes that the teacher explicitly saves to their Vault. Stored only in the teacher's own account.
  • Billing data (paid plans only) — Processed by Stripe. iTeachWise never sees or stores card numbers — only an opaque Stripe customer ID and the subscription status.

What we never collect

  • No student PII is required for any core feature
  • No biometric data of any kind
  • No behavioral tracking of students
  • No student data is sold to third parties — ever
  • No student data is used to train, fine-tune, or improve AI models
  • No advertising trackers, no third-party ad SDKs
  • No location tracking of students

2. How iTeachWise uses AI

iTeachWise uses generative AI to draft instructional artifacts. Every output is reviewed and approved by a human teacher before it reaches a student. AI is a drafting tool — the teacher is the author of record.

  • AI drafts, the teacher decides — iTeachWise uses AI to draft lesson plans, differentiated activities, rubrics, and parent-communication letters. Every output is reviewed and approved by the teacher before it reaches a student.
  • Teacher is the author of record — Because every artifact passes through human review, the teacher is the pedagogical author of record. AI is a drafting tool, not an instructional decision-maker.
  • No student data goes to the model — Teacher prompts (grade band, standard, topic, accommodation type) are sent to the underlying AI provider. Student names, IDs, IEP details, or other PII are never required and should not be entered.
  • Underlying models — Anthropic Claude (Sonnet) and OpenAI GPT-4o, accessed via their enterprise APIs under zero-data-retention / no-training agreements. We do not host an in-house foundation model.
  • Generation logs are scoped to the teacher — Generation history is visible only to the teacher who created it. School and district admins can see usage counts and feature adoption — they cannot read teacher prompts or generated content.

3. Compliance & certifications

iTeachWise is built to meet the security, privacy, and compliance baseline expected by US K-12 districts and international education ministries.

  • FERPA aligned — no education records of identified students are processed by default
  • COPPA compliant — no accounts for children under 13; teacher accounts only
  • All traffic encrypted in transit (TLS 1.2+) and at rest (AES-256)
  • All data hosted on US-based infrastructure (Neon, AWS us-east region)
  • SOC 2 Type II — audit in progress, target completion Q3 2026
  • GDPR-aligned data subject rights (access, deletion, export) for EU/UK educators
  • Student Data Privacy Consortium (SDPC) signatory — application in review
  • Standard DPA available for district legal review on request

State-specific compliance (top 5 states with active AI bills)

134 AI-in-education bills are active across 31 US states as of May 2026. iTeachWise's policies map directly to the most-cited statutory requirements.

StateStatuteiTeachWise position
California AB 1159 — AI in K-12 transparency iTeachWise does not use student data to train AI models. Generation logs and audit trails are available on request.
Idaho SB 1227 — AI must not replace human teachers iTeachWise is a teacher-driven drafting tool. Every output requires teacher review before reaching a student. The platform cannot grade, place, or evaluate students autonomously.
Oklahoma Responsible Technology in Schools Act iTeachWise supports districts in adopting written AI-use policies. We provide a sample district AI policy template and acceptable-use disclosures on request.
South Carolina H.B. 5253 — parental notice & opt-in for AI in instruction iTeachWise supports parental opt-in workflows and human oversight for every AI-assisted artifact. A parent-facing disclosure letter template is included.
Maryland Human-oversight mandate for AI in education All iTeachWise AI output requires teacher review and approval before classroom use. The platform cannot deliver instruction directly to students without a teacher in the loop.

This page is updated as state laws change. Don't see your state? Email district-compliance@iteachwise.com and we'll publish a state-specific position within one business day.

Privacy Impact Assessment — pre-answered

The eight questions below are the standard PIA questions every district must answer before approving an EdTech tool. iTeachWise pre-answers all of them so your procurement team doesn't have to wait on a vendor questionnaire round-trip.

What student data does iTeachWise collect?

By default, none. iTeachWise is a teacher-facing tool — no student account, login, or roster import is required to generate lessons, assessments, or rubrics. If a teacher voluntarily includes student-identifying details in a prompt, that text is treated as part of the teacher's own private workspace and is never shared, sold, or used to train AI models.

Where is data stored, and for how long?

All data is stored on US-based infrastructure (Neon Postgres, AWS us-east region). Teacher account data and saved Vault content are retained for the life of the account; teachers can export or delete their content at any time. Generation logs are retained for 90 days for fraud and abuse review, then purged.

Is student data used to train iTeachWise's AI models?

No. iTeachWise does not host its own foundation model and never uses customer prompts, saved artifacts, or any other district data to train or fine-tune the underlying AI providers. Anthropic and OpenAI are used via their enterprise APIs with zero-data-retention / no-training-on-customer-data agreements.

What happens in the event of a data breach?

iTeachWise will notify affected districts and account owners within 72 hours of confirmed unauthorized access, in line with FERPA and state breach-notification laws. Notifications include scope, affected accounts, and remediation steps. A full incident response runbook is available under DPA.

What parental consent is required?

Because iTeachWise does not collect student PII for core features, no direct parental consent is required for routine use. Districts adopting iTeachWise as part of mandatory instruction in states requiring AI-use parental notice (e.g., South Carolina H.B. 5253) can use our parent-disclosure letter template as a starting point.

Can data be deleted upon request?

Yes. Teachers can delete individual artifacts from their Vault at any time. Account-level deletion (full erasure of teacher account, Vault content, and generation logs) is available on request via support@iteachwise.com or through the District Compliance contact form. We process verified deletion requests within 30 days.

Who has access to data inside iTeachWise?

Teacher Vault content is visible only to the teacher who created it. School / district admins can see aggregate usage metrics (logins, generation counts, feature adoption) — they cannot read teacher prompts or generated content. Internal access is restricted to a small named engineering on-call group, all with signed confidentiality agreements and audit-logged access.

Is iTeachWise subject to FERPA?

iTeachWise operates as a 'school official' under FERPA's school-official exception when a district adopts the platform. Because we do not require student PII for core features, the FERPA-protected data surface is intentionally minimized. We sign district-specific Data Privacy Agreements (DPAs) on request.

For district IT teams — downloadable resources

The following documents are available on request to verified district staff. Most requests are answered within one US business day.

  • Data Processing Agreement (DPA) — full text + downloadable PDF. Modeled on the SDPC National DPA.
  • Sub-Processor List — live, complete list of every third-party that processes District data, with 30-day change notice.
  • EU & UK Compliance schedule — GDPR, UK GDPR, SCCs, UK IDTA, Swiss FADP, EU AI Act disclosure, DPO contact.
  • Security overview PDF — encryption, access control, incident response (request via form below).
  • FERPA compliance letter — district-addressable letter confirming FERPA-aligned operating practices.
  • Sample district AI-use policy — drop-in template aligned to Oklahoma RTSA and similar state mandates.
  • Parent disclosure letter template — for districts in opt-in states (e.g., South Carolina H.B. 5253).

Download DPA (PDF) Request other compliance docs

Contact for compliance questions

Have a compliance question our team hasn't answered here? We respond to all district procurement and IT inquiries within one US business day.

Contact District Compliance Team district-compliance@iteachwise.com

Frequently asked questions

Does iTeachWise sell or share student data with third parties?

No. iTeachWise does not sell, rent, or share student data, teacher data, or any account content with third-party advertisers, data brokers, or marketing partners. The only third parties that ever see system data are sub-processors strictly necessary to deliver the service (hosting, AI providers, payment processing) — all bound by enterprise agreements and listed in our DPA.

Can our district sign its own Data Privacy Agreement?

Yes. iTeachWise provides a standard DPA modeled on the Student Data Privacy Consortium (SDPC) National DPA, and we accept district-specific DPAs for legal review. Most districts complete review and signature within 1–2 weeks. Contact district-compliance@iteachwise.com to start.

How does iTeachWise handle requests from law enforcement?

iTeachWise responds only to valid, lawful, narrowly-scoped legal process (subpoena, court order, warrant) directed at iTeachWise. We notify the affected district before producing any data unless legally prohibited. We do not provide bulk data access to any government agency.

Is iTeachWise approved by the Student Data Privacy Consortium?

iTeachWise is in the SDPC signatory application process and adopts the SDPC National DPA as the baseline for district agreements. Confirmed signatory status will be posted to this page once finalized.

Can students use iTeachWise directly?

iTeachWise is a teacher-facing platform. There are no student logins, no student dashboards, and no student profiles. The only student-facing surfaces are anonymous, link-based assignment submission pages where a student answers questions without creating an account — and even those collect only the answers the student types.

Where can I get the documents my procurement team needs?

Use the District Compliance contact form below to request the standard DPA, security overview PDF, FERPA compliance letter, and current sub-processor list. Documents are delivered within one US business day.

Talk to our compliance team See iTeachWise for Schools